mirror of
https://github.com/Bandie/grub2-signing-extension.git
synced 2024-04-01 15:51:26 +00:00
35 lines
828 B
Bash
Executable File
35 lines
828 B
Bash
Executable File
#!/bin/bash
|
|
# grub2-unsign
|
|
# Unsigns every file in /boot. Depends on grub2-verify
|
|
# Author: Bandie
|
|
# Licence: GNU-GPLv3
|
|
|
|
# Check if something is wrong
|
|
grub2-verify
|
|
stat=$?
|
|
if (( $stat == 1 ))
|
|
then
|
|
printf '%s\n' "grub2-verify has detected a one or more bad signatures." "Please check for malicious software before you're unsigning everything!" >&2
|
|
exit 1
|
|
elif (( $stat == 2 ))
|
|
then
|
|
printf 'Everything is unsigned already.\n'
|
|
exit 0
|
|
elif (( $stat == 3 ))
|
|
then
|
|
printf 'Ignoring missing signatures...\n'
|
|
elif (( $stat == 0 ))
|
|
then
|
|
# Then remove the signatures.
|
|
find /boot -name '*.sig' -exec rm {} +
|
|
|
|
echo "GRUB2 unsigned. WARNING: If you want to deactivate GRUB2's signature feature, change the check_signatures variable in the headers file!"
|
|
exit 0
|
|
|
|
else
|
|
printf 'Something unknown happened!\n'
|
|
exit 99
|
|
fi
|
|
|
|
|